CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
wireshark (Ubuntu) |
Invalid
|
Medium
|
Unassigned | ||
Karmic |
Invalid
|
Medium
|
Unassigned | ||
Lucid |
Invalid
|
Medium
|
Mahyuddin Susanto | ||
Maverick |
Invalid
|
Medium
|
Unassigned |
Bug Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
affects ubuntu/wireshark
status inprogress
assignee udienz
importance medium
security yes
done
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-0538 to
the following vulnerability:
Name: CVE-2011-0538
URL: http://
Assigned: 20110120
Reference: MLIST:[
pointer
Reference: URL:http://
Reference:
MISC:https:/
Reference: CONFIRM:https:/
Reference: BID:46167
Reference: URL:http://
Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer
during processing of a .pcap file in the pcap-ng format, which allows
remote attackers to cause a denial of service (memory corruption) or
possibly have unspecified other impact via a malformed file.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://
iF4EAREIAAYFAk1
xuXMhWvd4xK6JKV
=fAxp
-----END PGP SIGNATURE-----
visibility: | private → public |
Changed in wireshark (Ubuntu): | |
assignee: | Mahyuddin Susanto (udienz) → nobody |
status: | In Progress → New |
Changed in wireshark (Ubuntu Lucid): | |
status: | New → Triaged |
status: | Triaged → New |
Changed in wireshark (Ubuntu Lucid): | |
status: | New → Confirmed |
tags: | added: patch-needswork |
Attached lucid patch, fixing:
- CVE-2010-4300 LP: #682549
- CVE-2011-0444 LP: #730415
- CVE-2010-4538 LP: #730417
- CVE-2010-3445 LP: #682549
- CVE-2010-2995 CVE-2010-2287 LP: #730419
- CVE-2011-0538 LP: #730413
- CVE-2011-0713 LP: #730412
- CVE-2011-1139 LP: #730409